Serverless function Scan specific region

Hi Expert ,

I would like to know that we can specify some regions with not scan all-region for  serverless function scan ?  or in this case  we will restrict  account with IAM to specific region 

Thank you

Enhanced auto-remediation

Hi Folks, 

I use that enhanced auto-remediation (https://github.com/PaloAltoNetworks/Prisma-Enhanced-Remediation#getting-started) trying to auto remediate alerts detected in Prisma.
For some reasons some alerts that can not be remediated due to lack o

Prisma Cloud On Board Error

Hi all,

i'm trying to on board an AWS cloud account(i'm admin) on Prisma Cloud tenant (i'm system admin), but after successful creation of Read-only Role on AWS, with guided procedure, i get "not account owner" error (screenshot attached)

Someone

"Failed to resolve RBAC resources for defender" - Repeating defender ERRO in console logs.

Every 15 minutes for several agents from different k8s clusters, such an error appears in the console:

ERRO 2022-01-30T21:38:05.885 pubsub_defender.go:2154 Failed to resolve RBAC resources for defender *defender_name*: {*k8s_cluster_name* {Get "htt

Issue when configuring SSO - "Prisma Cloud Access SAML URL" field

Hello,

I have the following error code when I try to type *anything* in the "Prisma Cloud Access SAML URL" field.

The GUI immediately fails with the following error code: 3b1b16703754455989b01793f0ef4fd7

Kind regards

Error: Unable to ingest data from one or more accounts

Cloud account cannot be monitored due to missing permissions. Hit the Review button to see the current status and update settings. Error: Unable to ingest data from one or more services.

RQL query for resources outside the authorized regions

Hello Prisma Cloud users,

I'm sharing with you some research I did this morning that you may find interesting. We want to detect and prevent when a resource is created in an unauthorized region.

RQL query to check for any Change in role for Instance

I am trying to create an RQL query, which will check if anyone attaches or modify roles to an AWS instance.

I am using the below Query :

I did some testing on one of th

access to console

Something went wrong

Please try again and if you continue to see this error, please contact the Prisma Cloud team with the following error code: 9afadde495e84126b078b948fc517a2d

Port Scan Activity (External) too much noise but can there be a way to really Alert only on risky ports (config is vulnerable)

I got an AHA/Idea (aka RFE) for Prisma Cloud's Network Anomaly of Port Scan Activity (external) as Prisma Cloud just alerts as-is if someone is knocking at our door regardless if the port is secure otherwise.

We want some intelligence built-in to c

Need to understand about SFTP server for file exchange monitoring

Hi Team,

Is this possible to use the  Prisma Cloud tenants to monitor a resource in our GCP environment. This resource is an SFTP server for file exchange.
Kindly confirm on the details please.

Instance type: Prisma Enterprise edition

Prisma Clo

Is this CVE for node.js or next.js?

My console is flagging node.js v16.14.0 with CVE-2021-43803 which appears to be targeting Next.js instead. I checked the CVE and it looks like it was recently updated from OR to and AND rule. Could this be an outdated rule? My intelligence stream is

Networking runtime policy failed to detect traffic to ec2 meta-data IP address

Hi, I've learned Prisma Cloud in the past couple of weeks, and I have an issue with the networking runtime policy that I've been configured. It can't detect traffic to EC2 meta-data IP address whether using alert or block. But when I'm using host run

Need expert advice on below quries.

Hi All,

Need expert advice on below.

1. How to use twistlock CLI for modifying the policy and rules for the console. 

2. How to import the rest of the compliance template (apart from attachment)while creating a new policy. Please also share the l

Prisma detecting CVEs when pulled but not during scan job in CI

So, I'm basically pulling the base images of the certain OS,  and hardening them to reload onto another registry. When I pull the image and harden and push, under CI Scans of (Gitlab) of my pipeline. I don't get any CVEs. But when I pull the same ima